From 5951b954be0bf83f369fe76edf36e2d6c1ea8f7a Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Fri, 31 May 2019 17:58:47 +0200
Subject: [PATCH] ipa[server,replica]: Enable freeipa-trust service if adtrust is enabled The freeipa-trust service has not been added if adtrust was enabled. For ipareplica the addition of freeipa-replication has been removed as the used port is not used anymore since some time. Fixes: #83 (when installing with ipaserver_setup_adtrust: true the firewalld service freeipa-trust is not added)
---
 roles/ipareplica/tasks/install.yml | 6 ++++--
 roles/ipaserver/tasks/install.yml | 4 ++++
 2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/roles/ipareplica/tasks/install.yml b/roles/ipareplica/tasks/install.yml
index 679021c8..72f45223 100644
--- a/roles/ipareplica/tasks/install.yml
+++ b/roles/ipareplica/tasks/install.yml
@@ -96,7 +96,8 @@
 --permanent
 --add-service=freeipa-ldap
 --add-service=freeipa-ldaps
- --add-service=freeipa-replication
+ {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+ else "" }}
 {{ "--add-service=dns" if ipareplica_setup_dns | bool else "" }}
 {{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
 when: ipareplica_setup_firewalld | bool
@@ -106,7 +107,8 @@
 firewall-cmd
 --add-service=freeipa-ldap
 --add-service=freeipa-ldaps
- --add-service=freeipa-replication
+ {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+ else "" }}
 {{ "--add-service=dns" if ipareplica_setup_dns | bool else "" }}
 {{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
 when: ipareplica_setup_firewalld | bool
diff --git a/roles/ipaserver/tasks/install.yml b/roles/ipaserver/tasks/install.yml
index 14c1730d..cfb88ead 100644
--- a/roles/ipaserver/tasks/install.yml
+++ b/roles/ipaserver/tasks/install.yml
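Review bot: The added condition in both ipareplica hunks (`@@ -96` and `@@ -106`) tests `ipaserver_setup_adtrust`, while every other switch in these two commands is an `ipareplica_*` variable (`ipareplica_setup_dns`, `ipareplica_setup_firewalld`). Assuming the replica role carries its own adtrust switch (its defaults are not visible here), the rule should follow that one: `{{ "--add-service=freeipa-trust" if ipareplica_setup_adtrust | bool`. As written, a replica play either fails on an undefined variable or opens or withholds the trust ports based on a server-role setting, and an unneeded `freeipa-trust` rule widens the host's exposed surface. Separately, dropping `--add-service=freeipa-replication` only stops adding it; hosts configured by an earlier run presumably keep the permanent rule until it is removed explicitly. Both tasks begin outside the hunks.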
@@ -391,6 +391,8 @@
 --permanent
 --add-service=freeipa-ldap
 --add-service=freeipa-ldaps
+ {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+ else "" }}
 {{ "--add-service=dns" if ipaserver_setup_dns | bool else "" }}
 {{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
 when: ipaserver_setup_firewalld | bool
@@ -400,6 +402,8 @@
 firewall-cmd
 --add-service=freeipa-ldap
 --add-service=freeipa-ldaps
+ {{ "--add-service=freeipa-trust" if ipaserver_setup_adtrust | bool
+ else "" }}
 {{ "--add-service=dns" if ipaserver_setup_dns | bool else "" }}
 {{ "--add-service=ntp" if not ipaclient_no_ntp | bool else "" }}
 when: ipaserver_setup_firewalld | bool
-- GitLab
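Review bot: The new `freeipa-trust` service is opened in firewalld's default zone, because the runtime command in the `@@ -400` hunk passes no `--zone`; the permanent command in `@@ -391` looks the same, though it starts outside the hunk. Enabling adtrust therefore exposes the AD trust ports on every interface bound to that zone, which deserves a note for operators. I would add a comment above each task such as `# freeipa-trust is added to the default zone; restrict it to the zone facing the AD domain controllers if the host is multi-homed`, and mention the same in the role documentation for `ipaserver_setup_adtrust`. The permanent and runtime commands also repeat the same service list by hand, so a later edit can leave the two out of step.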